Skip to main content

Exa takes data security and privacy seriously. We are proud to be SOC 2 Type II certified, demonstrating our commitment to maintaining rigorous information security practices and controls. Contact us at sales@exa.ai to discuss an Enterprise plan if you are interested in Zero Data Retention, HIPAA compliance, or other customized data security solutions. See HIPAA for API usage details. Visit our Trust Center to view our SOC 2 reports, Data Processing Agreement, and other security documentation.

Regional access restrictions

To comply with sanctions and trade restrictions, Exa blocks API access from sanctioned or otherwise restricted countries and regions, including Crimea, Cuba, Iran, North Korea, Russia, Syria, Ukraine, and Venezuela. Requests from these locations may be blocked by Cloudflare before they reach Exa. In that case, the response may be a Cloudflare WAF block page with a Ray ID instead of the standard Exa API error JSON. If you believe your traffic is being geolocated incorrectly, contact hello@exa.ai with your source IP address, country or region, request timestamp, and Cloudflare Ray ID.